-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4212-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk June 09, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : modsecurity-apache Version : 2.9.3-3+deb11u4 CVE ID : CVE-2025-48866 Debian Bug : 1107196 DoS with sanitiseArg/sanitizeArg has been fixed in modsecurity-apache, a module for the Apache webserver to tighten Web application security. For Debian 11 bullseye, this problem has been fixed in version 2.9.3-3+deb11u4. We recommend that you upgrade your modsecurity-apache packages. For the detailed security status of modsecurity-apache please refer to its security tracker page at: https://security-tracker.debian.org/tracker/modsecurity-apache Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmhG3YwACgkQiNJCh6LY mLEDOg/5AfCD5oXLILedEJypJ5B5OwO5LelthyRFBBObV6/qwjrr2Gn31hVE2gMg 4R5tA/CNSqfMvyU9DlS3s9QmZ4sAkLO8LGyYEilI3zZroR0rx1Q5UFnSA7zzqfeK CuyH8a4qLuadwcaIUehhwKfWcCL0wdMl2yis2i9lpKAT4VEDi6bQ6ukENElUazgY DC1jaWGHt916TGS+B+JbR3MXTAGxnNMU+RBkgR+6cdjY8IPjVJTOOsRhWELblb9C 52uum3XY+wRw7ze2N0xNt6HLwiIdTiqJldOL6w+L9AK9Pz023gA0MG7l3TW+xxLv CCbDwyWIbSIbz2VzCS+t1cF8b4VuPbIJ6NIgCx63pqHgMrIh/ZEIgdsvpuPmVxCY 5dCMzA0iqWuE/VhcQUy20imDiaufCaoRFKjEgg8h07CndmHet8ttgrQs2z5InDar /sCYVe8s+sXT/NA6AqrXNvF7FFvILF7GC75gs7fqufv9zKSYiBKdZWq1IDfelQRE 2hOO5yqMREKPJf/K+jdhHA6u1Yewx0j12Zwq6Ko4iYtJgf806BYFK6z9DQpFT+hk 2b1tznvCLvS5HVIJVThb9oQz43Po6/ruiG3ZsNd52en2poUNZFP1fReXYJSvas71 FOgQpyQOjDoGAytlz6RMy5FFvi8UIoTZ3WpZH3hTVJxK8+NHTTY= =vJC8 -----END PGP SIGNATURE-----
